How to protect industrial security in the hybrid working era

With cybercrime attacks rising steeply in recent months, revisiting and revising your company’s security strategy is essential, says Tim Grieveson, CISO, AVEVA.

Global cyber breaches have reached record levels in recent months. As the pandemic subsides, new hybrid working models are here to stay – along with a globally widened attack surface for businesses.

Cybercriminals have become acutely attuned to exploiting every stage of the pandemic, calculating how they can tap loopholes in new working methods and processes for their own gain. The annual State of The Phish report from Proofpoint reports an “explosion of pandemic-themed phishing scams” and a continued surge in ransomware attacks.

What’s more, Internet of Things attacks specifically are on course to quadruple, having crossed the 1.51 billion mark in the first half of 2021 as compared to 639 million in 2020, Kaspersky data shows.

As such, security leaders must raise awareness across their organizations, and empower individuals to do their part. Now is the time to ramp up enterprise cybersecurity practices and work with employees to help minimize the risks.

Here are five key strategies to help industrial organizations stay ahead of cyber criminals.

Revise your endpoint strategy
As hybrid working continues to become the norm, the number of endpoints is likely to keep expanding. Security leaders can mitigate current threats by implementing a unified endpoint management strategy that does not rely on internet connectivity. Endpoint security can no longer be a bolt-on solution but must be seamlessly incorporated into the prevailing security architecture, facilitating a coordinated approach to incident management.

Implement tiered access
The principle of least privilege management determines which individuals within an organization can view sensitive information. Access is limited to a small number of C-level users and to those who need it to perform their jobs. The strategy reduces the attack surface available to hackers. Network segmentation, privileged identity management and systems hardening are some routes to implementing least privilege management.

Beef up threat response capacity
Building out dedicated threat detection and response capabilities against advanced persistent threats will help the enterprise identify targeted attacks and stop them before significant damage occurs. Automated detection systems can gather security and event data from endpoint devices across the network and provide the visibility required to stay ahead of emerging threats.

Patch it up
Regular patch management ensures that all organizational software is up to date and that known vulnerabilities have been fixed. Similarly, compliance measures protect the confidentiality and integrity of data. Updating SCADA and ICS systems in line with advisories from the US Cybersecurity and Infrastructure Security Agency will ensure both aspects are taken care of and keep organizations abreast of the hackers.

Training and more training
As simple as it sounds, training up your staff can prevent the large majority of attacks from breaking through. The National Cybersecurity Alliance recommends that cybersecurity be made part of employee onboarding, and that staff are trained to be mindful of cybersecurity as they log onto IT and OT systems each day.

Deloitte estimates that 40 per cent of manufacturing firms experienced a cyber-attack last year, with 38 per cent of those suffering from over $1 million in damages. With so much at stake, it is everyone’s responsibility to help build a safer and more resilient world.